package com.yixq.soa.service.auth.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSONObject;
import com.yixq.soa.service.web.annotation.Ver;
import com.yixq.soa.service.web.auth.TokenManager;
import com.yixq.soa.service.web.auth.model.TokenModel;
import com.yixq.soa.service.web.utils.BaseController;

/**
 * oauth接口授权
 * 
 * @ClassName: OauthController
 * @Description:
 * @author xiaoqun.yi yixq@doordu.com
 * @date 2017年4月6日 下午2:36:26
 * @version V1.0
 */
@Api(tags = "OauthController", description = "接口授权接口")
@RestController
@RequestMapping("/auth")
public class OauthController extends BaseController {
	protected static final Logger logger = LoggerFactory.getLogger(OauthController.class);
	@Autowired
	private TokenManager tokenManager;
	@ApiOperation(value = "oauth接口授权生成token", notes = "oauth接口授权生成token")
	@ApiResponses({ @ApiResponse(code = 200, message = "处理成功") })
	@ApiImplicitParams({ @ApiImplicitParam(name = "ver", value = "接口版本", paramType = "path", required = true, dataType = "String", defaultValue = "v1"),
			@ApiImplicitParam(name = "appid", value = "应用id", paramType = "query", required = true, dataType = "String", defaultValue = ""),
			@ApiImplicitParam(name = "appsecret", value = "应用密钥", paramType = "query", required = true, dataType = "String", defaultValue = "") })
	@RequestMapping(path = "/createtoken/{ver}", method = { RequestMethod.GET, RequestMethod.POST })
	@Ver("1")
	public ResponseEntity<Object> createToken(String appid, String appsecret,HttpServletRequest request) {
		if (StringUtils.isEmpty(appid)) {
			return error("appid应用id不能为空","401");
		}
		if (StringUtils.isEmpty(appsecret)) {
			return error("appsecret应用密钥不能为空","401");
		}
		if (!appid.equals("doorduadmin")) {
			return error("appid不正确","401");
		}
		if (!appsecret.equals("doordadmin20170405")) {
			return error("appsecret密钥不正确","401");
		}
		TokenModel token = tokenManager.createToken(appid);
		logger.warn("******token:"+JSONObject.toJSONString(token));
		return ok(token, "操作成功");
	}
	
	
	@ApiOperation(value = "oauth接口授权", notes = "oauth接口授权")
	@ApiResponses({ @ApiResponse(code = 200, message = "处理成功") })
	@ApiImplicitParams({ @ApiImplicitParam(name = "ver", value = "接口版本", paramType = "path", required = true, dataType = "String", defaultValue = "v1"),
			@ApiImplicitParam(name = "appid", value = "应用id", paramType = "query", required = true, dataType = "String", defaultValue = ""),
			@ApiImplicitParam(name = "appsecret", value = "应用密钥", paramType = "query", required = true, dataType = "String", defaultValue = "") })
	@RequestMapping(path = "/checktoken/{ver}", method = { RequestMethod.GET, RequestMethod.POST })
	@Ver("1")
	public ResponseEntity<Object> checkToken(TokenModel tokenModel,HttpServletRequest request) {
		/*boolean authFlag=checkToken(request);
		if(!authFlag){
			logger.warn("token信息失效，您无权限访问此接口");
		}*/
		boolean flag=tokenManager.checkToken(tokenModel);
		if(!flag){
			return error("token信息已失效","401");
		}
		
		return ok(null,"token信息有效");
	}
}
